Arcane Command Injection Vulnerability in Volume Browser

A command injection vulnerability has been identified in Arcane versions through 1.18.1. The issue arises in the volume browsing feature, where the 'path' query parameter is not properly sanitized before being passed to a shell command inside an Arcane helper container. While the sanitizer blocks '../' traversal, it fails to remove Bourne-shell metacharacters such as '$()', backticks, and others. This allows any authenticated user with access to a browseable volume to execute arbitrary commands in the helper container. The output of these commands is then reflected in the response body as a server error.

Impact

Exploitation of this vulnerability allows authenticated users to execute arbitrary shell commands within a restricted Docker container, with the command output exfiltrated via HTTP 500 error responses. This access could be used to bypass certain API restrictions, such as symlink target censorship and per-file byte limits, potentially leading to unauthorized data access or manipulation. Additionally, the same insufficient input sanitization could be exploited to recursively delete all contents of a targeted Docker volume.

Reproduction

To reproduce this vulnerability, an authenticated user can send a GET request to the '/environments/{id}/volumes/{volumeName}/browse' endpoint with a crafted 'path' query parameter that includes shell metacharacters. The server will execute the 'find' command with the injected payload in a helper container, and the command output will be returned in the response body as a 500 error.